discourse/lib/secure_session.rb

# session that is not stored in cookie, expires after 1.hour unconditionally
class SecureSession
  def initialize(prefix)
    @prefix = prefix
  end

  def [](key)
    $redis.get("#{@prefix}#{key}")
  end

  def []=(key, val)
    if val == nil
      $redis.del("#{@prefix}#{key}")
    else
      $redis.setex("#{@prefix}#{key}", 1.hour, val.to_s)
    end
  end
end
SECURITY: prevent reuse of password reset 2016-12-19 01:00:22 -06:00			`# session that is not stored in cookie, expires after 1.hour unconditionally`
			`class SecureSession`
			`def initialize(prefix)`
			`@prefix = prefix`
			`end`

			`def [](key)`
			`$redis.get("#{@prefix}#{key}")`
			`end`

Add rubocop to our build. (#5004) 2017-07-27 20:20:09 -05:00			`def []=(key, val)`
SECURITY: prevent reuse of password reset 2016-12-19 01:00:22 -06:00			`if val == nil`
			`$redis.del("#{@prefix}#{key}")`
			`else`
			`$redis.setex("#{@prefix}#{key}", 1.hour, val.to_s)`
			`end`
			`end`
			`end`